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DETAILED ACTION 



Claim Objections 

1 . Claim 42 is objected to because of the following informalities: Line 1 1 of the claim 
repeats the words "step of. Appropriate correction is required. 



1 . The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

2. Regarding claim 17, the phrases "can make use of and "may exist" render the claim 
indefinite because it is unclear whether the limitations following the phrase are part of the 
claimed invention. See MPEP § 2173.05(d). 

3. Regarding claim 20, the phrases "can make use of and "may exist" render the claim 
indefinite because it is unclear whether the limitations following the phrase are part of the 
claimed invention. See MPEP § 2173.05(d). 

4. Regarding claim 23, the phrase "can send" renders the claim indefinite because it is 
unclear whether the limitations following the phrase are part of the claimed invention. See 
MPEP § 2173:05(d). 

5. Claim 29 recites the limitation "said fast path processor system" in line 1 . There is 
insufficient antecedent basis for this limitation in the claim. It should be changed to "said fast 
path processor subsystem". 



Claim Rejections - 35 USC §112 
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6. Regarding claim 37, the phrases "can make use of and "may exist" render the claim 
indefinite because it is unclear whether the limitations following the phrase are part of the 
claimed invention. See MPEP § 2173.05(d). 

7. Regarding claim 37, the phrase "may be" renders the claim indefinite because it is 
unclear whether the limitations following the phrase are part of the claimed invention. See 
MPEP § 2173.05(d). 

Claim Rejections - 35 USC §102 

8. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

9. Claims 1-7, 11-13, 15-21, 23-29, 32-35, 37-42, and 44 are rejected under 35 
U.S.C. 102(b) as being anticipated by Beasley (U.S. Patent No. 5,949,785). 

10. Referring to claim 1, Beasley discloses a network gateway device (see column 10, lines 
25-47), comprising: a physical interface for connection to a medium (Adapter Card Ports); an 
ingress processor system for ingress processing of all or part of packets received from said 
physical interface and for sending ingress processed packets for egress processing (Adapter 
Cards); an egress processor system for receiving ingress processed packets and for egress 
processing of all or part of received packets for sending to the physical interface (Adapter 
Cards); interconnections including an interconnection between said ingress processor system and 
said egress processor system (Back Plane), an interconnection between said ingress processor 
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system and said physical interface (see column 10, lines 25-47) and an interconnection between 
said egress processor system and said physical interface (see column 10, lines 25-47). 

1 1 . Referring to claim 2, Beasley discloses a packet queue establishing a queue of packets 
location awaiting transmission, said packet queue being the exclusive buffer location for packets 
between packets entering the device and packet transmission (see Abstract). 

12. Referring to claim 3, Beasley discloses that packets exit the device at a rate of the line 
established at the physical interface (see column 19, lines 45-67, column 20, lines 1-13, and 
column 21, lines 20-33). 

1 3 . Referring to claim 4, Beasley discloses that said ingress processing system processes 
packets including at least one or more of protocol translation, de-encapsulation, decryption, 
authentication, point-to-point protocol (PPP) termination and network address translation (NAT) 
and said egress processing system processes packets including at least one or more of protocol 
translation, encapsulation, encryption, generation of authentication data, PPP generation and 
NAT (see column 10, lines 25-47). 

14. Referring to claim 5, Beasley discloses that said ingress processor system includes a fast 
path processor subsystem processing packets at speeds greater than or equal to the rate at which 
they enter the device (see column 22, lines 58-67 and column 23, lines 1-42). 

1 5. Referring to claim 6, Beasley discloses that said fast path processor system provides 
protocol translation processing converting packets from one protocol to another protocol (see 
column 10, lines 25-47 and column 21, lines 20-33). 
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16. Referring to claim 7, Beasley discloses that said egress processor system includes a fast 
path processor subsystem processing packets at speeds greater than or equal to the rate at which 
they are to leave the device (see column 22, lines 58-67 and column 23, lines 1-42). 

17. Referring to claim 11, Beasley discloses that said ingress processor system includes a 
control packet processor for additional packet processing concurrently with fast path processor 
packet processing, including processing packets signaling the start and end of data sessions, 
packets used to convey information to a particular protocol and packets dependent on interaction 
with external entities (see column 8, lines 57-65). 

18. Referring to claim 12, disclose that said physical interface includes a line card and said 
ingress processor system is provided as part of a service card and said egress processor system is 
provided in one of said service card and another service card and said interconnections include: a 
line card bus connected to said line card; a service card bus connected to at least one of said 
service card and said another service card; and a switch fabric connecting said line card to at 
least one of said service card and said another service card (see column 8, lines 44-65 and 
column 10, lines 26-47). 

19. Referring to claim 13, Beasley discloses that said service card includes said ingress 
processor system and said egress processor system and said another service card includes another 
ingress processor system for processing all or part of packets received from said line card and for 
sending ingress processed packets for egress processing and another egress processor system for 
receiving ingress processed packets and for processing all or part of received packets for sending 
to said line card, whereby packets may be sent between service cards for ingress processing by 
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one service card and egress processing by another service card or for ingress processing using 
more than one service card (see column 8, lines 44-65 and column 10, lines 26-47). 

20. Referring to claim 15, Beasley discloses that said physical interface includes another line 
card connected by said switch fabric to at least one of said service card and said another service 
card (see column 8, lines 44-65 and column 10, lines 26-47). 

21. Referring to claim 16, Beasley discloses that said switch fabric connects any one of said 
line cards to any one of said service cards, whereby any line card can send packet traffic to any 
service card and routing of packet traffic is configured one of statically and dynamically by the 
said line card (see column 8, lines 44-65 and column 10, lines 26-47). 

22. Referring to claim 17, Beasley discloses that said service card bus includes a static bus 
part for connection of one of said service cards through said switch fabric to one of said line 
cards and a dynamic bus for connecting a service card to another service card through said fabric 
card allowing any service card to send packet traffic requiring ingress processing to any other 
service card for ingress processing and allowing any service card to send traffic requiring egress 
processing to any other service card for egress processing, whereby the system can make use of 
unused capacity that may exist on the other service cards (See Figure 1 and column 1, lines 12- 
67). 

23. Referring to claim 18, Beasley discloses a network gateway device, comprising: a 
plurality of line cards having a physical interface for connection to a medium; and a plurality of 
service cards, each service card including an ingress processor for processing all or part of data 
received from one of said line cards and for sending ingress processed packets for egress 
processing and each of said service cards including an egress processor for receiving ingress 
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processed packets and for processing all or part of received packets for sending to one of said 
line cards; a line card bus connected to each of said line cards; a service card bus connected to 
each of said service cards; and a switch fabric connecting individual line cards to individual 
service cards, whereby packets may be sent between service cards for ingress processing by one 
service card and ingress processing by another service card or for shared ingress processing 
between more than one service card (see Figure 1 and column 10, lines 25-47). 

24. Referring to claim 19, Beasley discloses a network gateway device, comprising: a first 
line card; a first service card for packet processing including a first ingress processing system for 
at least one or more of de-encapsulation and decryption and a first egress processing system for 
at least one or more of encapsulation and encryption; a second line card; a second service card 
for packet processing including a second ingress processing system for at least one or more of 
de-encapsulation and decryption and a second egress processing system for at least one or more 
of encapsulation and encryption; a switch fabric and connection interfaces connecting at least 
said first line card to said first service card, connecting said second line card to said second 
service card and connecting said first service card to said second service card (see Figure 1 and 
column 10, lines 25-47). 

25. Referring to claim 20, Beasley discloses that said connection interfaces include a static 
bus part for connection of one of said service cards through said switch fabric to one of said line 
cards and a dynamic bus for connecting a service card to another service card through said fabric 
card allowing any service card to send packet traffic requiring ingress processing to any other 
service card for ingress processing and allowing any service card to send traffic requiring egress 
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processing to any other service card for egress processing, whereby the system can make use of 
unused capacity that may exist on other service cards (see Figure 1 and column 10, lines 25-47). 

26. Referring to claim 21, Beasley discloses that each of said first ingress processing 
subsystem, said first egress processing subsystem, said second ingress processing subsystem and 
said second egress processing subsystem include physically separate packet processing (see 
Figure 1 and column 10, lines 25-47). 

27. Referring to claim 23, Beasley discloses that said switch fabric connects any one of said 
line cards to any one of said service cards, whereby any line card can send packet traffic to any 
service card and routing of packet traffic is configured one of statically and dynamically to 
establish virtual traffic segregation for segregating traffic using one or more common service 
card and line card and to establish physical traffic segregation wherein traffic is segregated using 
groups of one or more service card and one or more line card (see Figure 1 and column 10, lines 
25-47). 

28. Referring to claim 24, Beasley discloses that said switch fabric connects any one of said 
line cards to any one of said service cards, whereby any line card can send packet traffic to any 
service card and routing of packet traffic is configured one of statically and dynamically by said 
line card (see column 10, lines 25-47). 

29. Referring to claim 25, Beasley discloses a network gateway process, comprising: 
receiving packets from a network via a physical interface connected to a medium; ingress 
processing of packets, with an ingress processing system, including one or more of protocol 
translation processing, de-encapsulation, decryption, authentication, point-to-point (PPP) 
termination and network address translation (NAT); transferring packets to an egress packet 
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processing subsystem; egress processing said packets, with the egress processing system, 
including one or more of protocol translation, encapsulation, encryption, generation of 
authentication data, PPP generation and NAT processing (see column 10, lines 25-47). 

30. Referring to claim 26, Beasley discloses establishing a queue of packets awaiting 
transmission; and transmitting queued packets via the physical interface, said packet queue being 
the exclusive buffer for packets between packets entering the ingress processing system and 
packet transmission (see Abstract). 

3 1 . Referring to claim 27, Beasley discloses that packets are processed by said ingress 
processor at a rate of ingress at the physical interface (see column 19, lines 45-67, column 20, 
lines 1-13, and column 21, lines 20-33). 

32. Referring to claim 28, Beasley discloses that said ingress processor system includes a fast 
path processor subsystem processing packets at speeds greater than or equal to the rate at which 
packets enter the ingress processor system (see column 22, lines 58-67 and column 23, lines 1- 
42). 

33. Referring to claim 29, Beasley discloses that said fast path processor system provides 
protocol translation processing converting packets from one protocol to another protocol (see 
column 10, lines 25-47). 

34. Referring to claim 32, Beasley discloses that said ingress processor system includes a 
control packet processor for additional packet processing concurrently with fast path processor 
packet processing, including processing packets signaling the start and end of data sessions, 
packets used to convey information to a particular protocol and packets dependent on interaction 
with external entities (see column 8, lines 57-65). 
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35. Referring to claim 33, Beasley discloses providing said physical interface including a line 
card; providing said ingress processor system as part of a service card; providing said egress 
processor system is provided in one of the service card and another service, providing a line card 
bus connected to the line card; providing a service card bus connected to at least one of the 
service card and the another service card; and providing a switch fabric connecting the line card 
to at least one of the service card and the another service card (see column 8, lines 44-65 and 
column 10, lines 26-47). 

36. Referring to claim 34, Beasley discloses providing said ingress processor system and said 
egress processor system as part of said service card; providing another service card with another 
ingress processor system for processing all or part of packets received from said line card and for 
sending ingress processed packets for egress processing and another egress processor system for 
receiving ingress processed packets and for processing all or part of received packets for sending 
to the line card; sending packets between service cards for ingress processing by one service card 
and egress processing by another service card or for ingress processing using more than one 
service card (see column 10, lines 26-47). 

37. Referring to claim 35, Beasley discloses providing another line card as part of said 
physical interface; connecting said another line card, via said switch fabric to at least one of said 
service card and said another service card (see column 10, lines 26-47). 

38. Referring to claim 36, Beasley discloses using said switch fabric to connect any one of 
said line cards to any one of said service cards, whereby any line card can send packet traffic to 
any service card and routing of packet traffic is configured one of statically and dynamically by 
the said line card (see column 10, lines 26-47). 
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39. Referring to claim 37, Beasley discloses providing said service card bus as a static bus for 
connection to one of said service cards through said switch fabric to one of said line cards and a 
dynamic bus for connecting a service card to another service card through said fabric card 
allowing any service card to send packet traffic requiring ingress processing to any other service 
card for ingress processing and allowing any service card to send traffic requiring egress 
processing to any other service card for egress processing, whereby the system can make use of 
unused capacity that may exist on other service cards (See Figure 1 and column 1, lines 12-67). 

40. Referring to claim 38, Beasley discloses receiving packets from a network with a first 
packet protocol as part of said step of receiving packets; using a first module ingress processing 
subsystem for said step of ingress processing of packets to produce end-to-end packets; 
transferring the end-to-end packets to a second module egress packet processing subsystem; 
using a second module egress processing subsystem for egress packet processing to produce 
packets for sending to a network with a second packet protocol; receiving packets from the 
network with the second packet protocol; using a second module ingress processing subsystem 
for ingress processing to produce end-to-end packets; transferring the end-to-end packets to a 
first module egress processing subsystem; using the first module egress packet processing 
subsystem for egress packet processing to produce packets for sending to the network with the 
first packet protocol (see column 10, lines 26-47). 

41 . Referring to claim 39, Beasley discloses that the first module is a service card for packet 
processing with the ingress processing subsystem separate from the egress processing subsystem 
and the second module is a service card for packet processing with the ingress processing 
subsystem separate from the egress processing subsystem (see column 10, lines 26-47). 
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42. Referring to claim 40, Beasley disclose providing a switch fabric; connecting a first line 
card to the switch fabric via a bus, the first line card providing a network interface; connecting 
the first service card to the switch fabric via a bus; connecting a second line card to the switch 
fabric via a bus, the second line card providing a network interface with the first packet protocol; 
connecting the second service card to the switch fabric via a bus; transferring packets from the 
first line card to the first service card via the fabric card and connected busses; transferring 
packets from the first service card to the second service card via the fabric card and connected 
busses; transferring packets from the second service card to the second line card via the fabric 
card and connected busses (see Figure 1 and column 10, lines 26-47). 

43. Referring to claim 41, Beasley discloses transferring packets from the second line card to 
the second service card via the fabric card and connected busses; transferring packets from the 
second service card to the first service card via the fabric card and connected busses; transferring 
packets from the first service card to the first line card via the fabric card and connected busses 
(see Figure 1 and column 10, lines 26-47). 

44. Referring to claim 42, Beasley discloses providing a switch fabric; connecting a first line 
card to the switch fabric via a bus, the first line card providing a network interface; connecting a 
first service card to the switch fabric via a bus; connecting a second line card to the switch fabric 
via a bus, the second line card providing a network interface; connecting a second service card to 
the switch fabric via a bus, the second line card providing a network interface; connecting a 
second service card to the switch fabric via a bus; transferring packets from the first line card to 
the first service card; processing packets at the first service card including one or more of de- 
encapsulation and decryption as part of said step of ingress processing of packets, transferring 
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packets from the first service card to the second service card; processing packets at the second 
service card including one or more of encapsulation and encryption as part of said step of egress 
processing packets; transferring packets from the second service card to the second line card (see 
Figure 1 and column 10, lines 26-47). 

45. Referring to claim 44, Beasley discloses segregating traffic including physical 
segregating data traffic using one or more service card and one or more line card with traffic 
flows segregated from data traffic on one or more other service card and one or more other line 
card (see Figure 1 and column 10, lines 25-47). 

Claim Rejections - 35 USC §103 

46. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

47. Claims 8, 9, 30, and 43 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Beasley (U.S. Patent No. 5,949,785) in view of Pullen et al. (U.S. Patent No. 6,038,228). 

48. Referring to claims 8, 9, and 30 Beasley differs from claims 8 and 9 in that he fails to 
disclose that said ingress processor system includes a security processor subsystem for 
processing security packets requiring one or more of decryption and authentication, said 
processing occurring concurrently with fast path processor packet processing. However, 
processors for encryption and decryption are old and well known in the art. For example, Pullen 
et al. teach the use of processors for encryption and decryption (see column 8, lines 33-40), 
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which have the advantage of providing secure communication. One skilled in the art would have 
recognized the advantage of using a processor for encryption and decryption as taught by Pullen 
et al Therefore, it would have been obvious to a person with ordinary skill in the art at the time 
of the invention to incorporate the use of a processor for encryption and decryption as taught by 
Pullen et al. into the invention of Beasley to achieve the advantage of providing secure 
communication. 

49. Referring to claim 43, Beasley discloses that each of said first service card and said 
second service card process ingress packets from a line card, including encapsulation processing 
separate from processing egress packets to a line card, including de-encapsulation and decryption 
with separate processing subsystems. Beasley differs from claim 43 in that he fails to disclose 
performing encryption in the line card. However, encryption and decryption are old and well 
known in the art. For example, Pullen et al. teach the use of processors for encryption and 
decryption in a line card (see column 8, lines 33-40), which have the advantage of providing 
secure communication. One skilled in the art would have recognized the advantage of using a 
processor for encryption and decryption as taught by Pullen et al Therefore, it would have been 
obvious to a person with ordinary skill in the art at the time of the invention to incorporate the 
use of a processor for encryption and decryption as taught by Pullen et al. into the invention of 
Beasley to achieve the advantage of providing secure communication. 

50. Claims 10 and 31 are rejected under 35 U.S.C. 103(a) as being unpatentable over Beasley 
(U.S. Patent No. 5,949,785) in view of Redlich (6,591,306). 

5 1 . Referring to claims 1 0 and 3 1 , Beasley differs from claims 1 0 and 3 1 in that he fails to 
disclose that said ingress processor system includes a special care packet processor for additional 



Application/Control Number: 09/8 1 1 ,204 Page 1 5 

Art Unit: 2665 

packet processing concurrently with fast path processor packet processing, said special care 
packet processor processing packets including one or more of network address translation (NAT) 
processing and NAT processing coupled with application layer processing (NAT-ALG). 
However, NAT processing is old and well known in the art for use in gateway systems such as 
that taught by Beasley. For example, Redlich teaches the use of NAT, which has the advantage 
of facilitating communication between two networks using different protocols (see column 13, 
lines 53-67 and column 14, lines 1-18). 

52. Claims 14 and 22 are rejected under 35 U.S.C. 103(a) as being unpatentable over Beasley 
(U.S. Patent No. 5,949,785) in view of Teraslinna (U.S. Patent No. 5,229,990). 

53. Referring to claims 14 and 22, Beasley differs from claims 14 and 22 in that he fails to 
disclose that each of said service cards is identical and a spare service card is provided, for 
functionally replacing any one of the other service cards to provide redundancy. However, 
Providing spare cards for redundancy is old and well known in the art. For example, Teraslinna 
teaches just such a concept (see column 1), which has the advantage of increasing reliability (see 
column 1, line 13). One skilled in the art would have recognized the advantage of using spare 
cards as taught by Teraslinna. Therefore, it would have been obvious to a person with ordinary 
skill in the art at the time of the invention to incorporate the use of spare cards as taught by 
Teraslinna into the invention of Beasley to achieve the advantage of increasing reliability. 

Conclusion 

54. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 
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55. U.S. Patent No. 6,101,543 to Alden et al. teaches a pseudo network adapter for frame 
capture, encapsulation, and encryption. 

56. U.S. Patent No. 6,680,933 to Cheesman et al. teaches a method of routing network traffic 
through a network switch. 

57. U.S. Patent No. 4,727,495 to Cheetham et al. teaches a data communication system with 
a plurality of line cards and a single service card. 

58. U.S. Patent No. 5,276,684 to Pearson teaches an arrangement of cards and backplane 
with separate ingress and egress processing. 

59. U.S. Patent No. 5,781,320 to Byers teaches a network switch architecture that 
multiplexes the communications between the plurality of cards. 

60. U.S. Patent No. 5,61 5,21 1 to Santore et al. teaches a network switch with a TDM 
backplane for transferring packets between cards. 

61 . U.S. Patent No. 6,272, 129 to Dynarski et al. teaches a switch architecture using separate 
cards for interfaces and processing. 

62. U.S. Patent No. 5,495,478 to Wilkinson et al, teaches a switch architecture using different 
cards for line interfaces and ingress and egress processing. 

63. U.S. Patent No. 6,259,699 to Opalka et al. teaches a switch architecture separating 
physical layer processing, policing functions, and buffering before transferring data to the 
backplane and then on for further buffering, egress processing, and physical layer processing. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Michael J Molinari whose telephone number is (703) 305-5742. 
The examiner can normally be reached on Monday-Thursday 8am-6:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Huy Vu can be reached on (703) 308-6602. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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